CVE-2016-8418

{"id": "CVE-2016-8418", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-02-08T15:59:00.363", "references": [{"url": "http://www.securityfocus.com/bid/96058", "tags": ["Third Party Advisory"], "source": "security@android.com"}, {"url": "http://www.securitytracker.com/id/1037798", "source": "security@android.com"}, {"url": "https://source.android.com/security/bulletin/2017-02-01.html", "tags": ["Vendor Advisory"], "source": "security@android.com"}, {"url": "http://www.securityfocus.com/bid/96058", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037798", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://source.android.com/security/bulletin/2017-02-01.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product: Android. Versions: N/A. Android ID: A-32652894. References: QC-CR#1077457."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el controlador crypto Qualcomm podr\u00eda habilitar a un atacante remoto a ejecutar c\u00f3digo arbitrario dentro del contexto del kernel. Este problema se califica como Critical debido a la posibilidad de ejecutar c\u00f3digo remoto dentro del contexto del Kernel. Producto: Android. Versiones: N/A. Android ID: A-32652894. Referencias: QC-CR#1077457."}], "lastModified": "2024-11-21T02:59:20.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", "versionEndIncluding": "6.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@android.com"}